From 38bda7e1bb91586e20f41cd52254a49b2a549d5e Mon Sep 17 00:00:00 2001
From: ISSOtm <eldredhabert0@gmail.com>
Date: Fri, 31 Jul 2020 09:49:51 +0200
Subject: [PATCH] Fix string expansion reporting

More expansions were allowed than the limit specified, and reporting code
did not account for the extra one that caused overflow
---
 src/asm/lexer.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/asm/lexer.c b/src/asm/lexer.c
index 6fcccb6f..71c4a95c 100644
--- a/src/asm/lexer.c
+++ b/src/asm/lexer.c
@@ -501,14 +501,10 @@ static void reallocCaptureBuf(void)
 
 static struct Expansion *getExpansionAtDistance(size_t *distance)
 {
-	unsigned int depth = 0;
 	struct Expansion *expansion = NULL; /* Top level has no "previous" level */
 
 #define LOOKUP_PRE_NEST(exp)
-#define LOOKUP_POST_NEST(exp) do { \
-	if (depth++ > nMaxRecursionDepth) \
-		fatalerror("Recursion limit (%u) exceeded", nMaxRecursionDepth); \
-} while (0)
+#define LOOKUP_POST_NEST(exp)
 	lookupExpansion(expansion, *distance);
 #undef LOOKUP_PRE_NEST
 #undef LOOKUP_POST_NEST
@@ -522,9 +518,13 @@ static void beginExpansion(size_t distance, uint8_t skip,
 	distance += lexerState->expansionOfs; /* Distance argument is relative to read offset! */
 	/* Increase the total length of all parents, and return the topmost one */
 	struct Expansion *parent = NULL;
+	unsigned int depth = 0;
 
 #define LOOKUP_PRE_NEST(exp) (exp)->totalLen += size
-#define LOOKUP_POST_NEST(exp)
+#define LOOKUP_POST_NEST(exp) do { \
+	if (++depth >= nMaxRecursionDepth) \
+		fatalerror("Recursion limit (%u) exceeded", nMaxRecursionDepth); \
+} while (0)
 	lookupExpansion(parent, distance);
 #undef LOOKUP_PRE_NEST
 #undef LOOKUP_POST_NEST
@@ -784,7 +784,7 @@ void lexer_DumpStringExpansions(void)
 {
 	if (!lexerState)
 		return;
-	struct Expansion *stack[nMaxRecursionDepth];
+	struct Expansion *stack[nMaxRecursionDepth + 1];
 	unsigned int depth = 0;
 	size_t distance = lexerState->expansionOfs;